mardi 11 décembre 2018    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Cloud Foundry Bits Service up to 2.17.x Signing Key Timing information disclosure

A vulnerability was found in Cloud Foundry Bits Service up to 2.17.x. It has been rated as problematic. This issue affects an unknown function of the component Signing Key. The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

Groovy Plugin up to 2.59 Sandbox SandboxTransformer.java privilege escalation

A vulnerability was found in Groovy Plugin up to 2.59. It has been classified as critical. This affects an unknown function in the library groovy-cps/lib/src/main/java/com/cloudbees/groovy/cps/SandboxCpsTransformer.java of the file...
Auteur: VulDB

Script Security Plugin up to 1.47 Sandbox SandboxTransformer.java Code Execution

A vulnerability was found in Script Security Plugin up to 1.47 and classified as critical. Affected by this issue is an unknown function of the file groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java of the component...
Auteur: VulDB

Jenkins up to 2.153/LTS 2.138.3 CronTab.java denial of service

A vulnerability has been found in Jenkins up to 2.153/LTS 2.138.3 and classified as problematic. Affected by this vulnerability is an unknown function of the file CronTab.java. The manipulation with an unknown input leads to a denial of service...
Auteur: VulDB

Jenkins up to 2.153/LTS 2.138.3 Logging User.java User Name denial of service

A vulnerability, which was classified as problematic, was found in Jenkins up to 2.153/LTS 2.138.3. Affected is an unknown function of the file User.java of the component Logging. The manipulation as part of a User Name leads to a denial of...
Auteur: VulDB

Jenkins up to 2.153/LTS 2.138.3 DirectoryBrowserSupport.java information disclosure

A vulnerability, which was classified as problematic, has been found in Jenkins up to 2.153/LTS 2.138.3. This issue affects an unknown function of the file DirectoryBrowserSupport.java. The manipulation with an unknown input leads to a...
Auteur: VulDB

Jenkins up to 2.153/LTS 2.138.3 Stapler Web Framework MetaClass.java URL Code Execution

A vulnerability classified as critical was found in Jenkins up to 2.153/LTS 2.138.3. This vulnerability affects an unknown function of the file stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java of the component Stapler Web Framework....
Auteur: VulDB

Snapdragon Mobile/Wear up to SDA660 Trusted Application ID Generator Integer Overflow memory corruption

A vulnerability classified as critical has been found in Snapdragon Mobile and Wear up to SDA660. This affects an unknown function of the component Trusted Application ID Generator. The manipulation with an unknown input leads to a memory...
Auteur: VulDB

Jooan JA-Q1H Wi-Fi Camera 21.0.0.91 CreateUsers/SetImagingSettings/GetStreamUri denial of service

A vulnerability was found in Jooan JA-Q1H Wi-Fi Camera 21.0.0.91. It has been declared as problematic. Affected by this vulnerability is the function CreateUsers/SetImagingSettings/GetStreamUri. The manipulation with an unknown input leads to a...
Auteur: VulDB

Jooan JA-Q1H Wi-Fi Camera 21.0.0.91 GetStreamUri/GetVideoEncoderConfigurationOptions Empty String denial of service

A vulnerability was found in Jooan JA-Q1H Wi-Fi Camera 21.0.0.91. It has been classified as problematic. Affected is the function GetStreamUri/GetVideoEncoderConfigurationOptions. The manipulation as part of a Empty String leads to a denial of...
Auteur: VulDB

NoMachine up to 6.4.5 on Windows 10 DokanFS nxfs.sys denial of service

A vulnerability was found in NoMachine up to 6.4.5 on Windows 10 and classified as problematic. This issue affects an unknown function in the library nxfs.sys of the component DokanFS. The manipulation with an unknown input leads to a denial of...
Auteur: VulDB

IBM Curam Social Program Management 7.0.3 HTML Injection cross site scripting

A vulnerability, which was classified as problematic, was found in IBM Curam Social Program Management 7.0.3. This affects an unknown function. The manipulation with an unknown input leads to a cross site scripting vulnerability (HTML...
Auteur: VulDB

Pivotal RabbitMQ Cookie information disclosure [CVE-2018-1279]

A vulnerability was found in Pivotal RabbitMQ (the affected version is unknown). It has been declared as problematic. This vulnerability affects an unknown function of the component Cookie Handler. The manipulation with an unknown input leads to...
Auteur: VulDB

Recherche médicale : quel est le cadre légal ?

Les traitements de données de santé mis en œuvre à des fins de recherche, d’étude ou d’évaluation dans le domaine de la santé sont encadrés par les dispositions du RGPD et du chapitre IX de la loi Informatique et Libertés modifiée. Les démarches...
Auteur: Cnil

Sigma Design Z-Wave S0/Z-Wave S1/Z-Wave S2 denial of service

A vulnerability, which was classified as problematic, was found in Sigma Design Z-Wave S0, Z-Wave S1 and Z-Wave S2 (version unknown). Affected is an unknown function. The manipulation with an unknown input leads to a denial of service...
Auteur: VulDB

KT MC01507L Z-Wave S0 HPKP privilege escalation [CVE-2018-19982]

A vulnerability, which was classified as critical, has been found in KT MC01507L Z-Wave S0 (unknown version). This issue affects an unknown function of the component HPKP Handler. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

Hashicorp Consul up to 1.4.0 Agent-to-Agent RPC Communication Cleartext weak encryption

A vulnerability classified as critical was found in Hashicorp Consul up to 1.4.0. This vulnerability affects an unknown function of the component Agent-to-Agent RPC Communication. The manipulation with an unknown input leads to a weak encryption...
Auteur: VulDB

Xen up to 4.11.x on AMD x86 TLB Flush privilege escalation

A vulnerability, which was classified as critical, was found in Xen up to 4.11.x on AMD x86. This affects an unknown function of the component TLB Flush Handler. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

Xen up to 4.11.x on Intel x86 HLE Transaction denial of service

A vulnerability classified as problematic has been found in Xen up to 4.11.x on Intel x86. This affects an unknown function of the component HLE Transaction Handler. The manipulation with an unknown input leads to a denial of service...
Auteur: VulDB

Xen up to 4.11.x privilege escalation [CVE-2018-19966]

A vulnerability was found in Xen up to 4.11.x. It has been rated as critical. Affected by this issue is an unknown function. The manipulation with an unknown input leads to a privilege escalation vulnerability. Using CWE to declare the problem...
Auteur: VulDB

Xen up to 4.11.x Crash denial of service

A vulnerability was found in Xen up to 4.11.x. It has been declared as problematic. Affected by this vulnerability is an unknown function. The manipulation with an unknown input leads to a denial of service vulnerability (Crash). The CWE...
Auteur: VulDB

Xen 4.11.x P2M Lock denial of service

A vulnerability was found in Xen 4.11.x. It has been classified as problematic. Affected is an unknown function of the component P2M Lock Handler. The manipulation with an unknown input leads to a denial of service vulnerability. CWE is...
Auteur: VulDB

Xen 4.11 x86 IOREQ Server privilege escalation

A vulnerability was found in Xen 4.11 and classified as critical. This issue affects an unknown function of the component x86 IOREQ Server. The manipulation with an unknown input leads to a privilege escalation vulnerability. Using CWE to...
Auteur: VulDB

Xen up to 4.11.x on AMD x86 IOMMU Mapping privilege escalation

A vulnerability has been found in Xen up to 4.11.x on AMD x86 and classified as critical. This vulnerability affects an unknown function of the component IOMMU Mapping Handler. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

Anker Nebula Capsule Pro NBUI_M1_V2.1.9 on Android WifiService Crafted Application denial of service

A vulnerability classified as problematic has been found in Anker Nebula Capsule Pro NBUI_M1_V2.1.9 on Android. This affects an unknown function of the component WifiService. The manipulation as part of a Crafted Application leads to a denial of...
Auteur: VulDB
12345678910Last

Événements SSI

FIC

Le 11ème Forum International de la Cybersécurité occupe les 22 et 23 janvier 2019 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RENCONTRES AMRAE

Les 27èmes Rencontres de l'AMRAE (Association française des professionnels de la gestion des risques et des assurances) , le congrès annuel de référence des métiers du risque et des assurances, ont lieu du 6 au 8 février 2019 à Deauville (Centre International) sur le thème : "Le risque au coeur de la transformation". Organisées par l'AMRAE.

ACCESSECURITY

AccesSecurity, salon euro-méditerranéen de la sécurité globale, se tient à Marseille (Chanot) les 6 et 7 mars 2019. Organisé par Safim.

IT & IT SECURITY MEETINGS

IT & IT Security Meetings, «salon des réseaux, du cloud, de la mobilité et de la sécurité informatique», se tient à Cannes, Palais des Festivals et des Congrès du 19 au 21 mars 2019. Organisé par Weyou Group.

RSS